The Financial Times is reporting that Google is phasing out the internal use of Microsoft’s Windows operating system because of security concerns.

The report, which is short on solid sourcing, quotes Google's employees as saying the company is steering people towards using Apple's Mac or the Linux operating system to avoid malicious hacker attacks.

“We’re not doing any more Windows. It is a security effort,” said one Google employee.

Many people have been moved away from [Windows] PCs, mostly towards Mac OS, following the China hacking attacks,” said another.

New hires are now given the option of using Apple’s Mac computers or PCs running the Linux operating system. “Linux is open source and we feel good about it,” said one employee. “Microsoft we don’t feel so good about.”

In early January, some new hires were still being allowed to install Windows on their laptops, but it was not an option for their desktop computers. Google would not comment on its current policy.

Employees wanting to stay on Windows required clearance from “quite senior levels”, one employee said. “Getting a new Windows machine now requires CIO approval,” said another employee.

As any regular reader of this blog knows, Apple's Mac OS X is not exactly safe and secure. In fact, when it comes to targeted attacks (like Aurora and the kinds that Google should be worried about), the Mac might be the easiest to penetrate because it lacks the anti-exploit mitigations now common in Windows.

This story makes little sense to me. For starters, Google's software products are made for -- and marketed to -- mainly Windows users. How exactly are software developers expected to build products for an operating system when they're not allowed to use it?

As much as we love to bash on Microsoft over security, the newest versions of the Windows operating system are by far the most difficult to penetrate.

If Google has an internal problem with mass-market malware (scareware, ID-theft trojans, etc.), then it would make sense to push some departments to an alternative OS but if this is a reaction to the Aurora attacks, then the company is pushing its head deep into the sand.

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem...
Full Bio

Disclosure

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.